- // Recover request in session
- $request = S::v('openid_request');
- if (is_null($request)) {
- // There is no authentication information, something went wrong
- pl_redirect('/');
- return;
- }
-
- // Unserialize the request
- require_once 'Auth/OpenID/Server.php';
- $request = unserialize($request);
-
- $server = init_openid_server();
- $user = S::user();
- $identity = null;
- $claimed_id = null;
-
- // Set the identity to the user currently logged in
- // if an OP Identifier was initially used
- if ($request->identity == Auth_OpenID_IDENTIFIER_SELECT) {
- $identity = $user->hruid;
- $claimed_id = get_user_openid_url($user);
- // Check that the identity matches the user currently logged in
- // if an User Identifier was initially used
- } else if ($request->identity != $user->hruid) {
- $response =& $request->answer(false);
- $webresponse =& $server->encodeResponse($response);
- $this->render_openid_response($webresponse);
- return;
- }
-
- // Prepare Simple Registration response fields
- require_once 'Auth/OpenID/SReg.php';
- $sreg_request = Auth_OpenID_SRegRequest::fromOpenIDRequest($request);
- $sreg_response = Auth_OpenID_SRegResponse::extractResponse($sreg_request, get_sreg_data($user));
-
-
- // Ask the user for confirmation
- if ($_SERVER['REQUEST_METHOD'] != 'POST') {
- $page->changeTpl('openid/trust.tpl');
- $page->assign('relying_party', $request->trust_root);
- $page->assign_by_ref('sreg_data', $sreg_response->data);
- return;
- }
-
- // At this point $_SERVER['REQUEST_METHOD'] == 'POST'
- // Answer to the Relying Party
- if (isset($_POST['trust'])) {
- S::kill('openid_request');
- $response =& $request->answer(true, null, $identity, $claimed_id);